[openjpeg/f18] CVE-2012-3535

Jaromír Cápík jcapik at fedoraproject.org
Mon Sep 24 13:15:38 UTC 2012


commit 56223ab90479eec0cc0919c78b374f57d587b4b1
Author: Jaromir Capik <jcapik at redhat.com>
Date:   Mon Sep 24 15:15:10 2012 +0200

    CVE-2012-3535

 openjpeg-1.5.0-cve-2012-3535.patch |   17 +++++++++++++++++
 openjpeg.spec                      |   15 ++++++++++-----
 2 files changed, 27 insertions(+), 5 deletions(-)
---
diff --git a/openjpeg-1.5.0-cve-2012-3535.patch b/openjpeg-1.5.0-cve-2012-3535.patch
new file mode 100644
index 0000000..1e63fe9
--- /dev/null
+++ b/openjpeg-1.5.0-cve-2012-3535.patch
@@ -0,0 +1,17 @@
+diff -Naur openjpeg-1.5.0.orig/libopenjpeg/j2k.c openjpeg-1.5.0/libopenjpeg/j2k.c
+--- openjpeg-1.5.0.orig/libopenjpeg/j2k.c	2012-02-07 11:49:55.000000000 +0100
++++ openjpeg-1.5.0/libopenjpeg/j2k.c	2012-09-24 14:54:00.921718749 +0200
+@@ -685,6 +685,13 @@
+ 		j2k->state |= J2K_STATE_ERR;
+ 	}
+ 
++	if( tccp->numresolutions > J2K_MAXRLVLS ) {
++	  opj_event_msg(j2k->cinfo, EVT_ERROR, "Error decoding component %d.\nThe number of resolutions is too big: %d vs max= %d. Truncating.\n\n",
++			compno, tccp->numresolutions, J2K_MAXRLVLS);
++	  j2k->state |= J2K_STATE_ERR;
++	  tccp->numresolutions = J2K_MAXRLVLS;
++	}
++
+ 	tccp->cblkw = cio_read(cio, 1) + 2;	/* SPcox (E) */
+ 	tccp->cblkh = cio_read(cio, 1) + 2;	/* SPcox (F) */
+ 	tccp->cblksty = cio_read(cio, 1);	/* SPcox (G) */
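Review bot: The new guard on `tccp->numresolutions` clamps the value and then falls through to the `cio_read` calls below, so decoding carries on with a resolution count the stream never declared. Whether that is safe depends on two things this hunk does not show: that every per-resolution array is at least `J2K_MAXRLVLS` entries long, and that callers stop using the tile-component parameters once `J2K_STATE_ERR` is set. I would record the invariant above the check, e.g. `/* numresolutions bounds later per-resolution loops; must never exceed J2K_MAXRLVLS */`, and, if the enclosing function allows it, return right after setting the error state instead of reading further fields. The message also says "Truncating." while the state is flagged as an error, which makes it unclear in logs whether decoding was abandoned. The enclosing function starts and ends outside the hunk, and the code-block size fields read just below get no comparable range check in the visible lines.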
diff --git a/openjpeg.spec b/openjpeg.spec
index 3a40a10..65397f5 100644
--- a/openjpeg.spec
+++ b/openjpeg.spec
@@ -9,12 +9,12 @@
 
 Name:    openjpeg
 Version: 1.5.0
-Release: 4%{?dist}
+Release: 5%{?dist}
 Summary: JPEG 2000 command line tools
 
 Group:   Applications/Multimedia
 License: BSD
-URL:     http://code.google.com/p/openjpeg/ 
+URL:     http://code.google.com/p/openjpeg/
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 Source0: http://openjpeg.googlecode.com/files/openjpeg-%{version}.tar.gz
@@ -24,9 +24,9 @@ Source1: data.tar.xz
 %endif
 
 %if 0%{?cmake_build}
-BuildRequires: cmake 
+BuildRequires: cmake
 %else
-BuildRequires: automake libtool 
+BuildRequires: automake libtool
 %endif
 BuildRequires: doxygen
 BuildRequires: libtiff-devel
@@ -44,6 +44,7 @@ Patch52: openjpeg-1.5.0-cmake_Config.patch
 ## upstream patches:
 # http://code.google.com/p/openjpeg/issues/detail?id=118
 Patch100: openjpeg-1.5.0-pkgconfig_includedir.patch
+Patch101: openjpeg-1.5.0-cve-2012-3535.patch
 
 %description
 OpenJPEG is an open-source JPEG 2000 codec written in C. It has been
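Review bot: `Patch101` is added under `## upstream patches:` without the provenance comment that `Patch100` carries on the line above it. For a security fix, the spec should say where the patch came from, so that a later rebase can check it against upstream and drop it once it is included. I would add a line such as `# <upstream revision or tracker URL for CVE-2012-3535>` directly above `Patch101:`, filled in with the actual reference.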
@@ -58,7 +59,7 @@ The %{name}-libs package contains runtime libraries for applications that use
 OpenJPEG.
 
 %package  devel
-Summary:  Development files for %{name} 
+Summary:  Development files for %{name}
 Group:    Development/Libraries
 Requires: %{name}-libs%{?_isa} = %{version}-%{release}
 Requires: %{name} = %{version}-%{release}
@@ -79,6 +80,7 @@ autoreconf -i -f
 %endif
 
 %patch100 -p1 -b .pkgconfig_includedir
+%patch101 -p1 -b .cve-2012-3535
 
 
 %build
@@ -162,6 +164,9 @@ make test -C %{_target_platform} ||:
 
 
 %changelog
+* Mon Sep 24 2012 Jaromir Capik <jcapik at redhat.com> 1.5.0-5
+- CVE-2012-3535
+
 * Fri Jul 20 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.5.0-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
 

